US10554640B2ActiveUtilityA1

Method and system for facilitating secure communication

48
Assignee: NXP BVPriority: Jun 13, 2016Filed: Jun 13, 2016Granted: Feb 4, 2020
Est. expiryJun 13, 2036(~9.9 yrs left)· nominal 20-yr term from priority
H04W 12/04H04L 2463/061H04L 63/061H04L 2463/062H04L 63/0876H04W 12/77H04W 12/71
48
PatentIndex Score
0
Cited by
13
References
11
Claims

Abstract

According to a first aspect of the present disclosure, a method for facilitating secure communication in a network is conceived, comprising: encrypting, by a source node in the network, a cryptographic key using a device key as an encryption key, wherein said device key is based on a device identifier that identifies a destination node in the network; transmitting, by said source node, the encrypted cryptographic key to the destination node. According to a second aspect of the present disclosure, a corresponding non-transitory, tangible computer program product is provided. According to a third aspect of the present disclosure, a corresponding system for facilitating secure communication in a network is provided.

Claims

exact text as granted — not AI-modified
The invention claimed is: 
     
       1. A method for facilitating secure communication in a network, comprising:
 generating a device key based upon a device identifier and a sequence of padding bits; 
 encrypting, by a source node in the network, a cryptographic key using the device key as an encryption key, wherein the device identifier has unique but changing data that identifies a destination node in the network; and 
 transmitting, by said source node, the encrypted cryptographic key to the destination node. 
 
     
     
       2. The method as claimed in  claim 1 , further comprising:
 decrypting, by the destination node, the encrypted cryptographic key using the device key as a decryption key. 
 
     
     
       3. The method as claimed in  claim 2 , further comprising:
 acknowledging, by the destination node, receipt of the cryptographic key by encrypting the device key using the cryptographic key as an encryption key; and 
 transmitting the encrypted device key to the source node. 
 
     
     
       4. The method as claimed in  claim 1 , wherein the source node is a network gateway. 
     
     
       5. The method as claimed in  claim 1 , wherein the cryptographic key is a secret master key. 
     
     
       6. The method as claimed in  claim 1 , wherein the device identifier is a unique serial number of the destination node. 
     
     
       7. The method as claimed in  claim 1 , wherein the device key has been generated by executing a predefined one-way function that takes the device identifier and the sequence of padding bits as input parameters. 
     
     
       8. The method as claimed in  claim 1 , further comprising:
 storing the device key in a memory unit of the source node, such that the source node may authenticate the destination node by means of said device key after an arbitrary amount of time has elapsed. 
 
     
     
       9. A non-transitory, tangible computer medium comprising instructions which, when being executed by a processing unit, cause said processing unit to carry out or control a method for facilitating secure communication in a network, the non-transitory, tangible computer medium comprising:
 instructions for generating a device key based upon a device identifier and a sequence of padding bits; 
 instructions for encrypting, by a source node in the network, a cryptographic key using the device key as an encryption key, wherein the device identifier has unique but changing data that identifies a destination node in the network; and 
 instructions for transmitting, by said source node, the encrypted cryptographic key to the destination node. 
 
     
     
       10. A system for facilitating secure communication in a network, said system comprising:
 a source node which is configured to encrypt a cryptographic key using a device key as an encryption key, wherein said device key is generated based on a device identifier having unique but changing data that identifies a destination node in the network, and a sequence of padding bits, and transmit the encrypted cryptographic key to the destination node. 
 
     
     
       11. The system as claimed in  claim 10 , further comprising the destination node, wherein said destination node is configured to decrypt the encrypted cryptographic key using the device key as a decryption key.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.